"Some GNOME developers are planning to implement an app format that allows developers to provide their Linux programs in distribution-independent files that can be installed as easily as smartphone apps. A sandbox model is supposed to isolate the apps from each other, and from the rest of the system, in a way that goes further than the isolation in current Linux distributions. Various developers worked to conceptualise such "Linux apps" at the GNOME Developer Experience Hackfest, which was held in the run-up to FOSDEM 2013 in Brussels. At the hackfest, the GNOME developers also declared JavaScript as the de-facto standard for GNOME programming." Right, because they haven't alienated enough of their users.

The idea of sandboxing apps is a novel idea. I just don't think they'll pull it off correctly.

I'd have more faith in their ideas were they not trying to use JavaScript for apps. The amount of concentrated stupid in that idea is appalling.

I wouldn't say novel but I would say nice to have. Honestly, I hope they use Google's Native Client as the basis for it.

That way, they get a tested codebase for the runtime and compiler toolchain, both capable of working with any language that'll compile under NaCl's patched GCC, and they only need to focus their security work on the stuff they modify (eg. the non-Google APIs they expose to apps to allow a native experience)

Of course, given their focus on Javascript, I suspect they'll consider it overkill to sandbox the native code rather than redoing all the security work to squash bugs in the JS runtime's sandbox.